Location awareness technology on construction job site okay, says arbitrator

On January 14th, a British Columbia labour arbitrator dismissed an allegation that an employer breached British Columbia PIPA and the terms of a collective agreement by employing location awareness technology to manage employees on its construction job sites.

The employer used phone based technology to “manage and track […] employee attendance, including administering attendance requirements and payroll, and identifying and investigating inaccurate time keeping.” It adduced evidence of incidents of inaccurate logging of work and other attendance problems that it had discovered “by happenstance” through supervisors who managed crews across multiple work sites.

The employer installed the technology on work phones for use on job sites. The technology gathered data about whether an employee was within a work zone (along with distance away from the zone) once every three minutes. This data could not be reviewed until 24 hours later except for a “roll call” function that supervisors could use to check on employee location at any given time.

There is a line of British Columbia location tracking jurisprudence favourable to employers marked by a leading case decided by former Commissioner Elizabeth Denham – Schindler Elevator. The Schindler case, though, involved GPS technology installed in mobile workforce vehicles, partly for safety-related purposes – not phone based technology used on a job site to improve productivity. The union also argued that Schindler should no longer be followed because it pre-dated the Supreme Court of Canada’s alcohol testing decision in Irving Pulp & Paper.

The Board disagreed, and affirmed and applied Schindler. It held:

  • the information was not sensitive;
  • the collection was “reasonably likely” to be effective in satisfying its purposes;
  • the manner of collection was reasonable, in particular because the collection of data was minimized to what was necessary (not precise location and not continuous monitoring); and
  • the employer was entitled to collect the information even though there were other means of addressing its attendance problems, and is not required to exhaust all available alternatives.

This is a helpful decision for employers. While continuing to signal an aversion to “continuous monitoring” and highlighting the need for data minimization, the decision allows for the use of location awareness technology on a job site, which I believe is a Canadian first. It was also quite clear that this employer was motivated by distrust, which unions have argued aggravates the impact of monitoring. The employer did a good job of adducing evidence to prove it had legitimate concerns, but the Board also endorsed the proposition made in Schindler that there is “nothing remarkable” about an employer checking on compliance with work rules.

Kone Inc. v International Union of Elevator Constructors, Local 82, 2022 CanLII 1018 (BC LA).

GSB addresses use of surveillance footage

In a decision first released last September, the Grievance Settlement Board partly upheld a grievance that challenged the use of video surveillance footage in Ontario correctional facilities.

It has become standard to establish the purpose of workplace video surveillance as supportive of safety and security and to proscribe the use of surveillance technology as a replacement for supervision. In principle this distinction makes sense, though in practice it is unclear and has led to disputes.

In this case, the GSB affirmed the employer’s use of video footage to address misconduct discovered incidentally during a legitimate surveillance footage review that was occasioned by a security incident. Vice-Chair Anderson said:

The evidence as to why the surveillance camera was placed in the central control module was scant.  The ISPPM indicates “audio and video technology are tools to enhance safety and security”.  Sgt Essery’s evidence suggests that was the purpose for the camera in the central control module. It is clear the duties of the officers in the control module are reasonably necessary to the safety and security of inmates, staff and property in the building.  I infer the ability, if necessary, to observe central control module officers in the performance of those duties has a safety and security function.  The camera is also used to observe the hallway next to the central control module through which inmates pass, in particular when they are being escorted to or from the segregation units.  There is no dispute that this has a safety and security function.  There is no evidence that the camera was placed in the central control module for any other purposes.  I conclude its placement was done in good faith for purposes permitted by Appendix COR10.

The GSB also recognized that the employer could justify the use of surveillance video to spot check compliance with a procedure because the spot check and procedure were both to uphold safety and security – the primary purpose of video surveillance. In the circumstances, however, the GSB held that the employer had not proven a sufficient need for such spot checks.

The practical lesson for employers is to be wary of vague and unbounded promises to refrain from using video surveillance. The matter is one of nuance.

Ontario Public Service Employees Union (Union) v Ontario (Solicitor General), 2021 CanLII 95740 (ON GSB).

Ontario electronic monitoring bill coming

We’re getting numerous questions today about Ontario’s move to implement electronic monitoring legislation.

We have no bill yet, but the announcement says:

The policy would need to contain information on whether the employer electronically monitors its workers, and if so, a description of how and in what circumstances the employer does this. In addition, the employer would need to disclose the purpose of collecting information through electronic monitoring.

The devil is in the detail, but this seems painless enough. There is nothing to indicate the Bill will impose a limit on monitoring, which is permitted by law and entirely unregulated in Ontario right now. Notice is a good practice, employed by many already, and can help cleanse networks of personal data that does get lost and stolen and that can complicate investigations and audits.

It will be important to see how monitoring is defined, and whether it is confined to endpoint monitoring or is likely to capture all the various means by which network data is captured and analyzed. There is a trend towards endpoint monitoring by the way, now arguably a network security best practice.

Let’s hope we get a bill that’s as benign as it has first appeared.

Privacy and the pandemic

I spoke today at the Schedule 2 Employers’ Group virtual speakers series about privacy and the pandemic. It was a good chance to describe all of the ways we use information to manage the risk of workplace exposure to COVID-19. We looked closely at the major information flows – screening, location tracking, exposure notification – and I even did a little riff on defense in depth. Slides below for your viewing pleasure.

Three (literal) highlights from the IPC Ontario submission

If Ontario follows through with its commitment to enact privacy legislation, the IPC/Ontario will break from her current constraints to become a privacy regulator with global relevance. We ought to listen carefully to what she is saying about reform and build a strong sense as to how she is inclined.

On October 16th, Commissioner Kosseim filed her submission to the province. It is detailed, thoughtful and strikingly moderate. It has no talk of the concept of “fundamental human rights” that has drawn the attention of the federal commissioner. Rather, the Commissioner says that balancing privacy rights with legitimate business needs is a “virtue.”

Read the submission yourself, but here are the three parts of it that I highlighted in my own read.

First, the Commissioner says we need to reframe the role of consent and develop more principled exceptions, but consent should still be at the top of the hierarchy of the bases for processing:

Some might propose that the solution lies in a GDPR-like architecture by adopting multiple grounds for lawful processing of data, whereby consent is only one such ground on the same and equal footing as other alternative bases. However, we believe that non-governmental organizations should first be required to consider whether they can obtain meaningful consent and stand ready – if asked – to demonstrate why they cannot or should not do so before turning to permissible exceptions for processing. This approach would be more in keeping with Ontario values that promote individual autonomy and respect consumer choice. Whenever it is reasonable, appropriate, and practicable for people to decide for themselves, they should be given the opportunity to do so.

Second, the Commissioner is clearly interested in AI and its implications and clearly sees value in fostering data-driven innovation, though does not propose any solutions, calling the handling of data-driven innovation “the most challenging piece to get right in any new private sector privacy law.” Here’s my highlight on this issue:

While Purpose Specification, Consent, and Collection Limitation continue to be relevant principles, a more modern private sector privacy law would need to reconsider the weight ascribed to them relative to other principles in certain circumstances. For example, in an era of artificial intelligence and advanced data analytics, organizations must rely on enormous volumes of data, which runs directly counter to collection limitation. Data are obtained, observed, inferred, and/or created from many sources other than the individual, rendering individual consent less practicable than it once was. The very object of these advanced data processes is to discover the unknown, identify patterns and derive insights that cannot be anticipated, let alone described at the outset, making highly detailed purpose specification virtually impossible.

Finally, nobody should underestimate the significance of the potential for Ontario employers to become regulated in respect of their employees. On this issue, the Commissioner’s position is clear:

Individuals should have the ability to perform their jobs with the confidence that their employer will keep them safe, while also respecting their privacy rights. Accordingly, we recommend that any private sector privacy law in Ontario should apply to all employee personal information to fill this glaring gap in privacy protection.

IPC Comments on the Ontario Government’s Discussion Paper, IPC/Ontario, 16 October 2020.

No privacy violation to tell complainants that complaint resolved by taking “action”

On February 10th, Arbitrator Oakley dismissed a grievance that alleged a university had violated a professor’s privacy by advising students that it had taken “action” to address their complaint.

Forty-three students complained about a failure to conduct sufficient evaluation by the eighth week of the term as well as inconsistent grading. The Dean investigated and issued a written warning, both actions immediately grieved by the professor and their faculty association. The Dean then sent the following communication to the complainants:

Dear Concerned Students,

Thank you for your patience.

The complaints were reviewed with [G] and the Mount Allison Faculty Association and the University took action to ensure the issues raised were addressed. This action is the subject of a grievance under the relevant collective agreement and is scheduled for arbitration in November. Collective agreements are contracts between an employer and a union governing the relationships between unionized employees and their employer. I cannot disclose any further information until the grievance is resolved by agreement or through arbitration. Please be assured that the issues you raised have been taken seriously by the University and we thank you for raising your concerns.

The professor and faculty association grieved again, relying on provincial privacy legislation, the intrusion tort and a provision of the collective agreement that prohibited the university from disclosing information in the official file.

Arbitrator Oakley dismissed the privacy grievance. He was very careful to root the decision in the facts, stressing that the university did not imply that it had disciplined the grievor.

It is entirely appropriate for Arbitrator Oakley to be so reserved, but it ought to be said that complainants of all kinds have a strong interest in knowing how their complaints are resolved and ought not to be deprived of the basic facts pertaining to resolution, in my own view even if that includes facts about discipline imposed. Privacy is not absolute and does not preclude the meeting of valid competing interests.

Mount Allison Faculty Association v Mount Allison University, 2020 CanLII 33895 (NB LA).

Arbitrator declines to find a privacy violation for inquiry made of employee’s second employer

As the gig economy rises, work for more than one employer is becoming more common, and work across multiple employers has been common in the health care sector for some time. What, then, is an employer to do if its employee has taken sick leave but may be working for their other employer? Can the employer simply ask the other employer if the employee is at work?

There are some discipline cases in which unions have not challenged such questioning and others in which employers have asked for employee consent to make the inquiry. Last July, Arbitrator Brian Sheehan of Ontario entertained and dismissed what I believe to be the first privacy breach allegation on point, though he did so in quite a qualified manner.

The employer’s inquiry was apparently based on a mere suspicion. Mr. Sheehan explained, “For Ms. Valentin, the grievor’s relatively significant level of absenteeism, in addition to Ms. Valentin’s perception that there was a pattern of the grievor being absent from work on days before or after her scheduled days off was suspicious.”

To aggravate the situation, when the employer called the other workplace it received the information it was seeking plus some editorial – that the grievor’s “attitude stinks.”

Mr. Sheehan nonetheless declined to find a privacy breach. He said:

As to the Union’s privacy argument, factually, I do not find that claim  particularly compelling. Based on the Employer’s understanding of the facts as of September 2014, it had, in my view, a reasonable basis to investigate the grievor’s work history at Villa Leonardo.  The Union’s primary complaint was that the Employer should have initially sought to obtain the information from the grievor.  On this point, while as previously noted the grievor was fairly forthcoming with respect to her work history at Villa Leonardo, she was in fact mistaken as to her work history in relation to some of the days in question. At the same time, the Employer arguably should have followed the approach in the Province of Alberta, supra, case and sought the grievor’s consent to obtain the relevant documentation from Villa Leonardo.

At the end of the day, however, the extent of the nature of the invasion of the grievor’s privacy relates to the Employer asking a third party the work history pertaining to the grievor. Seeking such information is definitively on the lower end of the spectrum of the privacy interests of an individual that warrant protection, and that interest is far removed from the surreptitious electronic surveillance that was in dispute in the cited Domain Forest Products, supra, and Ebco Metal Finishing Ltd., supra, cases. In this regard, any breach of the grievor’s privacy interest was, in my view, de minimis in nature; such that, I am not inclined to issue any sort of declaration or sanction.

This is best understood as a discouragement to employers, without an actual finding based on an application of the de minimis non curat lex principle: the law will not concern itself with trifles.

No arbitrator is bound to follow another arbitrator, but employers can take some comfort in this award. If they have a reason not to ask for consent (and are prepared to articulate it if challenged) they may decide to unilaterally seek information from another employer about whether an employee was or was not at work during a period of time. The risk of liability is low.

Toronto (City) v Canadian Union of Public Employees, Local 79, 2019 CanLII 78856 (ON LA).

Organization stumbles into BYOD nightmare

Hat tip to investigation firm Rubin Thomlinson for bringing an illustrative British Columbia arbitration decision to my attention. The remarkable April 2019 case involves an iPhone wiped by an employee’s wife mid-investigation!

The iPhone was owned by the employer, but the employer set it up using the employee’s personal Apple ID. That is not uncommon, but the employer apparently did not use any mobile device management software. To enforce its rights, the employer relied solely on its mobile device (administrative) policy, which disclaimed all employee privacy rights and stipulated that all data on employer devices is employer-owned.

Problems arose after the employer received a complaint that the employee was watching his female colleagues. The complainants said the employee “might also be taking pictures” with his phone.

The employer met with the employee to investigate, and took custody of the phone. The employee gave the employer the PIN to unlock the phone, but then asked for the phone back because it contained personal information. The employer excluded the employee and proceeded to examine the phone, but did not finish its examination before the employee’s wife (who the employee had phoned) remotely wiped the phone and refused to restore it with backup data.

The employer terminated the employee for watching the complainants (though not necessarily taking their pictures) and for insubordination.

The arbitrator held that the employer did not prove either voyeurism or insubordination. In doing so, he held that the employer had sufficient justification to search the phone but that it could not rely on its mobile device policy to justify excluding the employee from the examination process and demanding the recovery of the lost data. Somewhat charitably, the arbitrator held that the employee ought to be held “accountable for failing to make an adequate effort to encourage his wife to allow for recovery of the data” and reserved his decision on the appropriate penalty.

The employer took far too much comfort from its ownership of the device. Given the phone was enabled by the employee’s personal Apple ID, the employer was faced with all the awkwardness, compromise and risks of any BYOD arrangement. Those risks can be partially mitigated by the use of mobile device management software. Policy should also clearly authorize device searches that are to be conducted with a view to the (quite obvious) privacy interest at stake.

District of Houston v Canadian Union of Public Employees, Local 2086, 2019 CanLII 104260 (BC LA).

For Rubin Thomlinson’s more detailed summary of the case, please see here.

BC arbitrator admits surveillance that captures “sexual relations” in the office

Vernon Professional Firefighters’ Association I.A.F.F. LOCAL 1517 v Corporation of the City of Vernon is a well argued video surveillance case in which Arbitrator Dorsey held that a fire service properly employed video surveillance in response to a suspicion that documents had been taken from a filing cabinet in the (interim) Chief’s office. The surveillance captured two employees having “sexual relations,” an act for which they were terminated.

The Association’s theory was the decision to employ surveillance was a product of “paranoia and distrust” arising out of bad labour relations. The Employer argued the bad labour relations in its favour, ultimately convincing Mr. Dorsey that protecting its information was one concern, but determining who it believed had accessed the information without authorization was an equally legitimate objective in the context. It’s a decision that turns on its facts, though there are some other notable findings. Namely, Mr. Dorsey found that:

  • the installation of surveillance in this context was an “indirect collection” of personal information under British Columbia’s public sector privacy legislation (para 79);
  • the standard for employing surveillance under public sector privacy legislation and a collective agreement ought to be the same (para 239);
  • having a meeting with staff about the terminations was a legitimate means of addressing rumors and speculation about the terminations and did not invite a further breach of privacy as alleged (para 93).

Arbitrator Dorsey does suggest, problematically in my view, that surveillance evidence ought to be excluded if collected via “an unjustified employer invasion of employees’ privacy rights.” Like many arbitrators, Arbitrator Dorsey frames the power to exclude evidence as discretionary but links the exclusion analysis to one factor above all others – justification. If the exclusion analysis is to be undertaken reasonably, it must encompass “all relevant factors,” including the impact of any exclusion decision on the administration of (administrative) justice and ongoing labour relations.

Vernon Professional Firefighters’ Association I.A.F.F. LOCAL 1517 v Corporation of the City of Vernon, 2018 CanLII 111669 (BC LA).